The invention generally relates to the field of secure network communications. The invention relates more specifically to a method for pre-authenticating communications between a client and a middleware server in a network.
Recently, technology has been developed that allows for wireless devices, such as personal digital assistants (PDAs), cell phones, and two-way pagers, to access computer networks; computer networks are no longer physically limited to a hard-wired environment. In the past, database or systems administrators for a computer network have been forced to work within the physical confines of a secure office computer network at a company or other organization. Access to a computer network through a wireless device allows the administrator to monitor and manage the computers within the network remotely. If the administrator does not happen to be physically near in the event of a crisis, then wireless access translates directly into a quicker response to problems and less downtime. This is extremely valuable to companies, such as banks, auction houses, brokerage firms, etc., which must keep their systems running uninterrupted in order to prevent a loss of revenue.
Thus, wireless devices provide an excellent solution to many old problems in systems and database administration, but they also introduce a new problem: how can communications within a network that includes wireless devices be kept secure? For a system or database to be administrated or managed remotely, communications within the network must be kept secure at all times and in all places to avoid a leak of confidential information. The difficulties of keeping a computer network secure are increased dramatically when wireless communications are allowed between computers within the network.
In the present state of the art in wireless communications, information is transmitted to and from a wireless device by electromagnetic radiation that will inevitably travel through public spaces. It is not desirable, and in some cases it may be a violation of law, for a company to allow public access to the information kept in its computer network. In addition, data must be transferred between a server inside, and a server outside a company""s Intranet before it can be broadcast to a wireless device. Each connection must be secure to prevent unauthorized access to a secure computer network. Since private or confidential information may be kept in a computer within a secure computer network, it is extremely important that all communications within a network are secure.
Wireless devices present additional challenges to securing a computer network since they usually have fewer computing resources (e.g., processing power, memory, and bandwidth) available than do non-portable or handheld devices. Previous methods for securing a computer network have relied on algorithms that require a very fast processor or a long time to complete. Other methods have relied on a large amount of memory. The security methods used with non-wireless devices are not useful for securing a wireless device.
Currently, one of the most widely used methods for securing a computer network is with public key (also called xe2x80x9casymmetricxe2x80x9d) encryption. The use of public key encryption, in which a secret key is securely exchanged between a client and a server using a public key, is so prevalent that most current versions of Web browsers, such as NETSCAPE NAVIGATOR or MICROSOFT INTERNET EXPLORER, come preinstalled with xe2x80x9cCertificatesxe2x80x9d for the most often visited xe2x80x9cCertificate Authoritiesxe2x80x9d on the Web.
Public key encryption is not well adapted for use within a computer network that includes wireless devices. Public key encryption is slow and difficult to implement in hardware. Public key encryption algorithms may run 10,000 times slower than a comparable private key (or xe2x80x9csymmetricxe2x80x9d) encryption algorithm. Even in the future, when wireless devices are built with the computational resources today available only for desktop computers, public key encryption methods would be undesirable. In part because of their wide use there are many known ways for circumventing public key encryption.
One serious vulnerability in the public key encryption method exists in a step of requesting and transferring a private key from an internal server to a client within a network. This vulnerability can be exploited by xe2x80x9chijackingxe2x80x9d a private key request from the client to the internal server. The request is hijacked by an xe2x80x9cimpostorxe2x80x9d server, a server that acts in place of the internal server intended for communication with the client. The impostor server sends its own private key back to the client, and subsequent communication between the client and the impostor server is carried out with that private keyxe2x80x94the client has no way of knowing that the impostor server is not the internal server it had intended for communication, and all information transferred to the impostor server is available for inspection by the impostor server""s owner, usually a competing or hostile company that has specifically targeted the client will engage in this kind of attack. Use of a public key encryption method, in this case, would make all of the confidential information transferred within the computer network directly available to that competitor.
The present invention is a method for secure network communication between a client and an internal server. The method involves the use of a middleware server, which allows ill-performing and potentially insecure communications protocols to be off-loaded onto a more powerful machine running in a more secure environment, e.g., within a company""s Intranet. There are three basic steps in the method: (1) using a middleware server for processing public key encrypted messages sent between the client and the internal server; (2) using the client and the internal server for processing private key encrypted messages sent between the client and the internal server; and (3) using the middleware server, relaying private key encrypted messages sent between the client and the internal server. The security of the method can be further improved in by adding the step of pre-authenticating the client with a server key by securely copying the server key from the middleware server to the client.
No particular private key encryption is necessary for the method of the present invention, and in different embodiments of the invention different private key (or symmetric) encryption algorithms may be used. Accordingly, an additional step of using algorithm identification information to specify a private key encryption algorithm used for processing private key encrypted messages sent between the client and the internal server may be implemented.
Connections requested by a client may not always be established. In an embodiment, the present invention also provides an optional step of using the middleware server to notify the client when a connection between the client and the internal server is not completed.
In an embodiment, a method for secure network communication between a client and an internal server using a middleware server, might be implemented with a set of steps that may include, but is not limited to the following set of steps. The steps do not necessarily have to be executed in the order specified below, and could be executed in a different order.
The method begins by using the middleware server to generate a server key. The server key is then stored in memory on the middleware server. The memory used for storing the server key might be a hard disk, floppy disk, read only memory (ROM), random access memory (RAM), or some other form of memory designed to store digital information. The client is then pre-authenticated by securely copying the server key from the middleware server to the client, and by storing the server key in memory on the client. Subsequent communications between the client and the middleware server are carried out using the server key to encrypt and decrypt the communications.
The second set of steps includes using the client to generate location information for identifying the location of the internal server. After generation of the location information, which might be an Internet Protocol (IP) address or host name, the client continues by encrypting the location information using the server key stored in memory on the client to produce server key encrypted location information. The server key encrypted location information is sent from the client to the middleware server. The middleware server decrypts the server key encrypted location information using the server key stored in memory on the middleware server to produce the (original) location information generated by the client.
A significant advantage to the present invention is achieved in the next step, in which the middleware server is used to perform the public key encryption (or xe2x80x9chandshakingxe2x80x9d) necessary for secure communication with the internal server. The processing of public key messages sent between the middleware server and the internal server in this step saves the computing resources of the client from being spent on such public key encryption.
After performing public key encryption, the middleware server requests a connection with the internal server specified by the location information. The internal server generates a session key, and continues the method by sending the session key to the middleware server. Having received the session key, the middleware server proceeds by encrypting the session key using the server key stored in memory on the middleware server to produce a server key encrypted session key, which is sent from the middleware server to the client.
Upon receipt of the server key encrypted session key, the client takes the step of decrypting the server key encrypted session key using the server key stored in memory on the client to produce the (original) session key. The client then continues by creating connection information for a connection between the client and the internal server. Using the session key, the client then encrypts the connection information in order to produce session key encrypted connection information, and sends the session key encrypted connection information to the middleware server.
The middleware server receives the session key encrypted connection information, and proceeds by relaying session key encrypted connection information to the internal server. The internal server decrypts the session key encrypted connection information using the session key that it generated, and may then proceed by completing a connection between the client and the internal server with the connection information. Once the connection has been completed, the middleware server may be used to patch the connection through to the client from the internal server.
The security of the method may be further improved by forcing the client to connect to the middleware server on a predetermined port, which might not be a xe2x80x9cwell-knownxe2x80x9d port, as would be used for typical non-secured network communication.
In another embodiment of the present invention, the private key (or symmetric) encryption algorithm used to produce the session key (and to encrypt and decrypt communications between the client and the internal server) is specified by using the internal server to generate an algorithm identification. The algorithm identification might be in any data format that would allow for a particular encryption algorithm within a finite set of such algorithms to be identified uniquely. In an embodiment, the set of symmetric encryption algorithms might include DES, DESX, AES, 3DES, Blowfish, or IDEA. Other symmetric encryption algorithms might be chosen to be included with the set based on the kinds of computing resources available and on other factors, as is known to one of ordinary skill in the art.
After selecting an algorithm, and producing an algorithm identification, the method proceeds with the step of sending the algorithm identification from the internal server to the middleware server. Before sending the algorithm identification to client, the middleware server encrypts the algorithm identification using the server key stored in memory on the middleware server to produce server key encrypted algorithm identification. Upon receipt at the client, the server key encrypted algorithm identification is decrypted, producing the (original) algorithm identification. The encryption algorithm that is to be used with the session key is identified with the algorithm identification. When more than one encryption algorithm is used and identified according to this method, the difficulty of cracking an encrypted messages increases greatly: when the messages are encrypted using different algorithms, the message contents may not be xe2x80x9cguessedxe2x80x9d as easily by comparison (i.e., the messages are not as susceptible to cryptanalysis because both the algorithm and the key space varies).
In order to further secure the computer network using the method of the present invention, an optional set of steps including a xe2x80x9cpingingxe2x80x9d or periodic polling may be implemented. The pinging may be performed in either direction within the network, i.e., in the present invention, a ping might be sent from the client to the middleware server, from the middleware server to the client, from the middleware server to the internal server, or from the internal server to the middleware server. Connections that remain idle for longer than a predetermined length of time might be dropped. This feature makes certain cryptanalytic attacks on the computer network more difficult, since some attacks may require passive listening on the client side in order to gain unauthorized access to the network.
In an embodiment of the present invention, the public key encryption is carried out using the Secure Sockets Shell (SSH). SSH establishes a single TCP/IP connection from the client to the server. The communications through the connection are encrypted (using an asymmetric encryption algorithm). Both the client and the server identity may be authenticated (or pre-authenticated as in the present invention) using SSH. The communications may also be compressed. In other embodiments of the present invention, a different protocol, such as SSL or TSL might be used for these steps of the method, and, as would be recognized by one of ordinary skill in the art, it is not necessary to the present invention that SSH be used with these steps in the method.
Another embodiment of the present invention relies on the 3DES encryption algorithm as its symmetric encryption algorithm, using 3DES to generate the session key (although the algorithm may also be varied, as described above). The 3DES algorithm is a modification of the older Data Encryption Standard (DES) algorithm. The DES has a key length of 56 bits, which is often expressed as a 64-bit number, with the extra eighth bits being used for parity. From the key, 16 subkeys are derived, which are used in 16 separate rounds of the algorithm. The 3DES encryption algorithm is substantially similar to the DES algorithm, but is applied in three separate rounds, with a new 56-bit key in each round. The 3DES encryption algorithm is thought to be unbreakable (i.e., not vulnerable to cryptanalysis) for the foreseeable future, even taking into account future advances in computing resources.
In order to implement the method of the present invention within a computer network that includes wireless devices, it may be necessary to perform some additional manipulations to the data transferred between wireless devices and other computers within the network. In particular, communications to and from a wireless device may be short because of bandwidth considerations, even as short as a single key stroke. According to an embodiment of the present invention, short communications are xe2x80x9cpaddedxe2x80x9d with zeros before encryption and the padding of zeros is removed after decryption. This additional step may be necessary for the method of the present invention to be used with certain encryption algorithms that require a minimum block size.
An important advantage of the present invention is that it is not limited to use with a computer network that includes wireless devices. The present invention is well adapted for use in securing a computer network that includes wireless devices because it lessens the burden on the computing resources of a client, but it is not necessary to the present invention that the client be a wireless device. The client could be any computer within a computer network. In particular, the client might be a computer that has fewer computing resources than other computers within the computer network, but is not a wireless device. As would be recognized by one of ordinary skill in the art, there is nothing about the method of the present invention that requires the use of a wireless device within the computer network, and the present invention might be implemented for use within a network that includes other types of clients with limited computing resources, such as a computer network of Internet appliances or game consoles.